Financial transaction system

ABSTRACT

A system and method for conducting a financial transaction is disclosed. The system includes a first memory location embedded in a personal portable device. The first memory location stores a plurality of personal financial data files associated with a user. The system also includes a second memory location to store biometric information and a first input interface to receive authentication information after initiation of a purchase transaction session. The system also includes a security module including an input coupled to the first interface to authenticate the authentication information based on the biometric information and an output interface comprising an input coupled to the first memory location and an output to provide personal financial data file information to a host device.

PRIORITY INFORMATION

This application is a continuation of U.S. patent application Ser. No.12/889,864, filed on Sep. 24, 2010, which is a continuation ofapplication Ser. No. 11/239,923, filed on Sep. 30, 2005 and having U.S.Pat. No. 7,823,766 issued on Nov. 2, 2010; both application Ser. No.12/889,864 and application Ser. No. 11/239,923 are hereby incorporatedin their entirety by reference.

FIELD OF THE DISCLOSURE

The present disclosure relates generally to financial transactions andmore particularly to use of portable systems for financial transactions.

BACKGROUND

Consumer financial transactions, including purchase transactions, oftenrequire the exchange of financial account information, such as creditcard information. The seller of a product or service may require apurchaser to provide account numbers, personal authenticationinformation, or other information in order to provide payment for theproduct or service. Even when not required by a seller, paying for theproduct or service in this way may be more convenient for the purchaserthan other payment methods, such as cash payment. However, there aresecurity risks for both the purchaser and the seller associated withusing personal account information to conduct a financial transaction.In addition, particular sellers may only allow payment throughparticular kinds of financial accounts, requiring a purchaser to be inpossession of a wide variety of financial account information.

Therefore, a method and system for conducting financial transactionsthat can provide security and convenience is needed.

BRIEF DESCRIPTION OF THE DRAWINGS

The present disclosure may be better understood, and its numerousfeatures and advantages made apparent to those skilled in the art byreferencing the accompanying drawings.

FIG. 1 is a block diagram of a particular embodiment of a system forconducting a financial transaction;

FIG. 2 is a flow chart of a method of conducting a financial transactionat a host computer in accordance with a particular embodiment; and

FIG. 3 is a flow chart of a method of conducting a financial transactionat a personal portable device in accordance with a particularembodiment.

DESCRIPTION OF THE DRAWINGS

A system and method for conducting a financial transaction is disclosed.One embodiment of the system includes a first memory location embeddedin a personal portable device. The first memory location stores aplurality of personal financial data files associated with a user. Thesystem also includes a second memory location to store biometricinformation of a user of the personal portable device and a first inputinterface to receive authentication information after initiation of apurchase transaction session. The system also includes a security moduleincluding an input coupled to the first interface to authenticate theauthentication information based on the biometric information and anoutput interface comprising an input coupled to the first memorylocation and an output to provide personal financial data fileinformation to a host device.

One embodiment of the method includes initiating at a host a purchasetransaction session with a personal portable device, transmittingbiometric information from the host to the personal portable device,wherein the biometric information is associated with a first person andreceiving information identifying a plurality of available data filesassociated with the first person from the personal portable device aftertransmitting the biometric information. In a particular embodiment, theavailable data files are associated with a corresponding financialaccount of the first person and each available data file includes one ormore account records. The method also includes requesting one or moreaccount records associated with a first data file of the plurality ofavailable data files from the portable device and receiving the one ormore account records.

Referring to FIG. 1, a system for conducting a financial transaction isillustrated. The system includes a personal portable device 102, and ahost device 104. The host device 104 communicates with the personalportable device 102 via an interface. In a particular embodiment, theinterface is a wireless interface. In another particular embodiment, theinterface is a physical connector.

The personal portable device 102 includes a memory 106, a securitymodule 112, and a communication interface 114. The memory 106 is coupledto the communication interface 114. The communication interface 114 iscoupled to the security module 112. The memory 106 stores personalfinancial data files 108 and biometric information 110.

The personal portable device 102 may be a security card, a keychaindevice, or other appropriate device. A personal portable device, such asthe personal portable device 102 is a device that is of sufficientlysmall size to allow a user to conveniently carry the device on hisperson.

The host device 104 includes a memory 116, a communication interface120, and a biometric reader 122. The memory 116 stores authenticationinformation 118. The host device 104 may be a host computer, a cashregister, or other appropriate form factor. The host device 104 may belocated to conveniently conduct financial transactions, such as inretail establishments, such as a department store, convenience store,restaurant, and the like. In one embodiment, the host device 104 isassociated with a check-out location of an establishment. In anotherembodiment host device 104 is associated with a service provided by theestablishment, such as an automated transaction machine (ATM).

During operation, the personal portable device 102 may interface withthe host device 104 to conduct a financial transaction. To conduct atransaction, the personal portable device 102 and the host device 104communicate via the communication interface 114. The host device 104 mayreceive and transmit communications to the personal portable device 102via the communication interface 120. In a particular embodiment, thecommunication interface 114 and the communication interface 120 mayreceive and transmit information over a physical connection, as opposedto a wireless connection. For example, the personal portable device 102may be the size and dimensions of a credit card, and may be insertedinto a card slot in the host device 104, resulting in the communicationinterface 120 being in communication with the communication interface114. In an alternative embodiment, the communication interface 120 andthe communication interface 114 may communicate wirelessly. In aparticular embodiment, the host device 104 may detect a wirelessprotocol supported by the personal portable device 102. For example, thehost device 104 may send a query recognizable by the personal portabledevice 102, and in response receive information from the device relatedto the wireless protocols supported by the device.

The host device 104 includes a biometric reader 122. The biometricreader 122 may be used to obtain biometric information from a customeror other initiator of a financial transaction. The biometric reader mayinclude a fingerprint reader, retinal scanner or other biometric device.

The biometric information may be used to provide security andauthentication information for the financial transaction. In particular,the biometric reader 122 may provide the biometric information to thepersonal portable device via the communication interface 120. Thesecurity module 112 of the personal portable device 102 may then comparethe biometric information received from the host device 104 to thebiometric information 110 stored in the memory 106. If the biometricinformation received from the host device 104 does not match thebiometric information 110 stored in the memory 106, the security module112 may transmit a message to the host device 104 indicating a breach ofsecurity, and the host device 104 may take appropriate action. Thesecurity module 112 may take further security measures in response tobiometric information received from the host device 104 not matching thebiometric of the personal portable device 102, such as erasing thepersonal financial data files 108 or disabling the personal portabledevice 102. Other security measures are possible. For example the,security module 112 may instruct the host device 104 to provide anotification or report to a security clearinghouse, a credit cardcompany or bank, or other entity. The host may also be instructed toprovide the biometric information received at the biometric reader 122to a law enforcement agency or other appropriate entity.

If there is a match in the biometric information, the personal portabledevice 102 may provide the personal financial data files 108 to the hostdevice 104. The host device 104 may use the authentication information118 to authenticate the personal financial data files 108. Theauthentication information 118 may include password information,personal identification number (PIN) information, or otherauthentication information. The authentication information 118 may beobtained from a purchaser after a financial transaction has beeninitiated, from a central database of authentication information (such adatabase that stores credit card numbers and associated userinformation), or from another appropriate source. The authenticationinformation may be protected. For example, the authenticationinformation may be encrypted using a personal or private key orpassword.

After the personal financial data files 108 have been authenticated, theinformation associated with the files may be used to complete afinancial transaction. For example, if the personal financial data files108 include credit card information, a charge may be assessed againstthe associated credit card account. After the financial transaction hasbeen completed, the host device 104 may send a signal or otherindication to the personal portable device 102 indicating completion ofthe transaction. The host device 104 may send further information, suchas information to enable the personal portable device 104 to updateaccount records stored at the device.

The personal financial data files 108 may include a plurality of datafiles. Each data file may contain information associated with personalfinancial records. A personal financial record includes specificinformation associated with a particular financial account. For example,a personal financial record may include a credit card number andexpiration date associated with a particular credit card account. Thepersonal financial record may also include information such as anaccount holder name, a credit limit, authentication information, and thelike. The personal financial data files 108 may store multiple personalfinancial records in each data file, or may store a single record ineach file. In addition, the personal financial data files 108 may beconfigured in a variety of ways. For example, the personal financialdata files 108 may include a data file that stores all of the creditcard numbers associated with the user of the personal portable device102, and may include expiration information for each credit card in aseparate file. Other configurations are possible.

Referring to FIG. 2, a flow chart of a method of communicating with apersonal portable device is illustrated. At 202 the presence of apersonal portable device is detected. The presence of the personalportable device may be detected by a host system. For example, the hostdevice may include a magnetic detector that detects the presence of aninductor or other component incorporated in the personal portabledevice. Alternatively, the host system can periodically provide awireless query to determine if there are any compatible personalportable device within range.

In accordance with one embodiment, the host can provide an activationsignal at 202. In response to the receiving the activation signal, apersonal portable device will transition from an inactive mode, such aslow power mode, to an active mode. For example, the personal portabledevice may be a battery-powered device that operates in a low powermode. The low power mode may only provide enough power to allowdetection of the activation signal. After receiving the activationsignal, the personal portable device may transition to an active mode.In the active mode, the personal portable device may perform otherfunctions, such as transmission of information to a host device. Thepersonal portable device may return to the low power mode after afinancial transaction has been completed. Use of the low power mode mayallow longer battery life for the personal portable device. In anotherparticular embodiment, the personal portable device may include an “off”mode, where the device does not perform any functions. The personalportable device may be transitioned from the off mode to the low poweror active mode through activation of a switch or other input device onthe personal portable device.

Proceeding to 206, a purchase transaction session with the personalportable device is initiated at a host device. The host device may be apersonal computer, a cash register, or the like. In a particularembodiment, a wireless protocol supported by the personal portabledevice is detected after the purchase transaction session has beeninitiated. Moving to step 208, biometric information is transmitted tothe personal portable device. In a particular embodiment, the biometricinformation may be transmitted according to a wireless protocolsupported by the personal portable device. Password information may beused instead of, or in addition to, the biometric information.

The biometric information is associated with a person. The person willtypically be a customer in possession of the personal portable device.The biometric information may be fingerprint or other biometricinformation provided by the customer to the host to allow the host toauthenticate the identity of the possessor of the personal portabledevice.

At 210, information identifying financial account records stored in thedata file associated with the person is received from the personalportable device. The information may be received after the biometricinformation has been authenticated.

At 212, one or more financial account records associated with the datafile are requested from the personal portable device. The financialaccount records may include credit card information, bank accountinformation, or other financial information. In a particular embodiment,each financial account is a credit card account, and the one financialaccount records include credit card numbers. In another particularembodiment the financial accounts may be debit card accounts, checkingaccounts, or other financial accounts.

At 214, one or more financial account records are received from thepersonal portable device. The host device may use the financial accountrecords to obtain payment for the purchase transaction. Proceeding tostep 216, a signal is transmitted to the personal portable deviceterminating the purchase transaction session.

Referring to FIG. 3, a method of conducting a financial transaction at apersonal portable device is illustrated. At step 302 a start signal isreceived from a host to initiate a purchase transaction session at apersonal portable device. Proceeding to step 304, the personal portabledevice is transitioned from a low power state to a normal power state.In a particular embodiment, the normal power state is an operationalstate for purposes of communication with the host to conduct atransaction. The low power state is operable to communicate with thehost for purposes of wake-up, but not for conducting a full financialtransaction. Moving to step 306, biometric information is received atthe personal portable device. The biometric information is associatedwith a person, such as the owner or possessor of the personal portabledevice.

Moving to step 308, the biometric information received is authenticated.The biometric information may be authenticated by comparing the receivedinformation to biometric information stored at the personal portabledevice.

Proceeding to step 310, information identifying a plurality of availablefinancial account data records associated with the person aretransmitted from the personal portable device. The financial accountdata records may include credit card information, checking account orother bank information, or other financial account information. In aparticular embodiment, the financial account data records are encrypted.

At step 312 a request is received at the personal portable device forone or more of the financial account data records. Moving to step 314,the financial account data records are authenticated at the host devicebased on one or more security criteria. The security criteria caninclude password information, further biometric information, or othersecurity information. The security criteria may be set by a user. Afterthe account data records have been authenticated, the method moves tostep 316 and the requested account records are transmitted to the host.The host may use the transmitted account records to assess a chargeassociated with the particular financial account to complete thefinancial transaction.

Other embodiments, uses, and advantages of the disclosure will beapparent to those skilled in the art from consideration of thespecification and practice of the disclosure disclosed herein. Thespecification and drawings should be considered exemplary only, and thescope of the disclosure is accordingly intended to be limited only bythe following claims and equivalents thereof.

What is claimed is:
 1. A method comprising: detecting, by a host system,a presence of a personal portable device; initiating, at the hostsystem, a financial transaction session with the personal portabledevice; responsive to the act of initiating, sending, by the hostsystem, an activation signal to the personal portable device to initiatea financial transaction; responsive to the activation signal receivedfrom the host system, transitioning, by the personal portable device,from an inactive mode to an active mode in a normal power state; whilethe personal portable device is in the active mode in the normal powerstate, receiving, at the personal portable device, biometric informationcollected by the host device; comparing the received biometricinformation to biometric information stored at the personal portabledevice; selecting, at the personal portable device, a financial accountusing account information stored at the personal portable device, theaccount information representing a plurality of financial accounts;authenticating, at the personal portable device, a user of the personalportable device based on security information received at the personalportable device; and wirelessly transmitting information identifying theselected financial account for reception by the host system to conductthe financial transaction in response to the received biometricinformation matching the biometric information stored on the personalportable device and the security information received at the personalportable device authenticating the user of the personal portable device.2. The method of claim 1, further comprising: wirelessly transmittingsecurity information for reception by the host device, the securityinformation for authenticating the selected financial account.
 3. Themethod of claim 1, wherein selecting the selected financial accountcomprises selecting the selected financial account in response to awireless query from the host device.
 4. The method of claim 1, whereinselecting the selected financial account comprises selecting theselected financial account responsive to authenticating a user of thepersonal portable device based on information obtained from the user. 5.The method of claim 1 further comprising: transmitting a breach ofsecurity message from the personal portable device to the host device inresponse to the received biometric information not matching thebiometric information stored on the personal portable device.
 6. Themethod of claim 5 further comprising: disabling the personal portabledevice if the received biometric information does not match thebiometric information stored on the personal portable device.
 7. Themethod of claim 5 further comprising: erasing the account informationfrom the personal portable device in response to the received biometricinformation not matching the biometric information stored on thepersonal portable device.
 8. The method of claim 1, further comprising:updating, at the personal portable device, the account information inresponse to receiving account update information for the selectedfinancial account from the host device in response to the financialtransaction.
 9. A personal portable device comprising: a memory to storeinformation identifying each of a plurality of financial accounts and tostore biometric information; an input interface to: wirelessly receive,from a host device, an activation signal from the host device to movefrom an inactive mode to an active mode in a normal power state toconduct a financial transaction and biometric information collected bythe host device, wherein the host device is within wireless range of thepersonal portable device; and receive, from a user of the personalportable device, security information to authenticate the user of thepersonal portable device; a security module to compare biometricinformation collected by and received from the host device to thebiometric information stored at the memory while the personal portabledevice is in the active mode in the normal power state; and an outputinterface to wirelessly transmit, for reception by the host device,information identifying a financial account selected by the personalportable device from the plurality of financial accounts.
 10. Thepersonal portable device of claim 9, wherein the output interface is towirelessly transmit security information authenticating the selectedfinancial account.
 11. The personal portable device of claim 9, whereinthe security module is to disable the personal portable device inresponse to the biometric information received from the host device notmatching the biometric information stored at the memory.
 12. Thepersonal portable device of claim 9, wherein the personal portabledevice is to update information for the selected financial accountstored at the memory in response to receiving account update informationfor the selected financial account from the host device in response tocompletion of a financial transaction using the selected financialaccount.
 13. The personal portable device of claim 9, furthercomprising: a magnetic component to facilitate detection of the personalportable device by the host device.
 14. The personal portable device ofclaim 13, wherein the magnetic component comprises an inductor.